in reply to (tye)Re: xor encrypt-decrypt routine
in thread xor encrypt-decrypt routine

Could you explain this one to me? I think I am missing something.
The way I see it, you have a target file which is unknown to you, and a random key which are XOR'd into the encrypted version. Wouldn't Random plus an unknown content (despite being ordered/logical) still be random?
Did you go by the fact that you knew it was source code you were decrypting so you knew to look for obvious text such as #define, or #include, or main

If I took a file, and did some alphabet substitutions on it so that it no longer had a language form, and then XOR'd it to random data, would you still be able to decipher/unobscure it?
thanks!
  • Comment on Re: (tye)Re: xor encrypt-decrypt routine

Replies are listed 'Best First'.
(tye)Re3: xor encrypt-decrypt routine
by tye (Sage) on Jan 23, 2001 at 04:07 UTC

    Two main problems: First, the "key" is too short and so repeats a ton of times on a moderately large file so you have lots of opportunity to figure out parts of the key one place and use that knowledge a ton of other places. Second, you are xoring ASCII characters so it isn't that hard to recognize patterns.

    If I wanted to do something like this I would:

    • Compress the clear text first.
    • Add a random pre-amble of random length since the compressed clear text will start with a predictable signature (see other threads here on how to get enough randomness).
    • Don't use the key directly. Use a MD5 hash of the key, for example.
    • Use the compressed clear text to modify what you are xoring with as you go.
    But I'm not a professional cryptographer and I strongly suspect that a professional cryptographer would be able to break such a scheme. You are really better off to go with a recognized encryption algorythm.

            - tye (but my friends call me "Tye")
[reply]

In Section Seekers of Perl Wisdom